<!DOCTYPE html>
<html>
<head>
<script src="../../../resources/js-test.js"></script>
<script src="../resources/common.js"></script>
</head>
<body>
<p id="description"></p>
<div id="console"></div>

<script>
description("Tests deriveKey() with various bad parameters for PBKDF2");

jsTestIsAsync = true;

var testCase = {
    password: "password",
    salt: "salt",
    c: 1,
    dkLen: 20,
    hash: "SHA-1",
    derived_key_full_length: "0c60c80f961f0e71f3a9b524af6012062fe037a6"
 };

function importPbkdf2Key() {
    var key = null;

    debug("Importing the password...");

    var algorithm = {name: 'PBKDF2'};

    var password = asciiToUint8Array(testCase.password);
    var usages = ['deriveBits', 'deriveKey'];
    var extractable = false;

    // (1) Import the password
    return crypto.subtle.importKey('raw', password, algorithm, extractable, usages).then(function(result) {
        key = result;
        return key;
    });
}

var pbkdf2Key = null;

var params = {
    name: 'PBKDF2',
    salt: asciiToUint8Array(testCase.salt),
    iterations: testCase.c,
    hash: {name: testCase.hash}
};
importPbkdf2Key().then(function(result) {
    pbkdf2Key = result;

    debug("\nDeriving an AES key with no length...");
    var derivedAlgorithm = {name: 'aes-cbc'};
    var extractable = true;
    var usages = ['encrypt'];

    return crypto.subtle.deriveKey(params, pbkdf2Key, derivedAlgorithm, extractable, usages);
}).then(failAndFinishJSTest, function(result) {
    logError(result);

    debug("\nDeriving an AES key with bad length...");
    var derivedAlgorithm = {name: 'aes-cbc', length: 120};
    var extractable = true;
    var usages = ['encrypt'];

    return crypto.subtle.deriveKey(params, pbkdf2Key, derivedAlgorithm, extractable, usages);
}).then(failAndFinishJSTest, function(result) {
    logError(result);

    debug("\nDeriving an AES key with unsupported length...");
    var derivedAlgorithm = {name: 'aes-cbc', length: 192};
    var extractable = true;
    var usages = ['encrypt'];

    return crypto.subtle.deriveKey(params, pbkdf2Key, derivedAlgorithm, extractable, usages);
}).then(failAndFinishJSTest, function(result) {
    logError(result);

    debug("\nDeriving an AES-CBC key with unsupported usage (sign)...");
    var derivedAlgorithm = {name: 'aes-cbc', length: 128};
    var extractable = true;
    var usages = ['sign'];  // Not valid for AES-CBC.

    return crypto.subtle.deriveKey(params, pbkdf2Key, derivedAlgorithm, extractable, usages);
}).then(failAndFinishJSTest, function(result) {
    logError(result);

    debug("\nDeriving a zero-length HMAC key...");
    var derivedAlgorithm = {name: 'HMAC', hash: "sha-1", length: 0};
    var extractable = true;
    var usages = ['sign'];

    return crypto.subtle.deriveKey(params, pbkdf2Key, derivedAlgorithm, extractable, usages);
}).then(failAndFinishJSTest, function(result) {
    logError(result);

    debug("\nDeriving an ECDH key...");
    var derivedAlgorithm = {name: 'ECDH', namedCurve: "P-256"};
    var extractable = true;
    var usages = ['deriveBits'];

    return crypto.subtle.deriveKey(params, pbkdf2Key, derivedAlgorithm, extractable, usages);
}).then(failAndFinishJSTest, function(result) {
    logError(result);

    debug("\nDeriving an RSA-OAEP key...");
    var derivedAlgorithm = {name: 'RSA-OAEP', hash: "sha-1"};
    var extractable = true;
    var usages = ['encrypt'];

    return crypto.subtle.deriveKey(params, pbkdf2Key, derivedAlgorithm, extractable, usages);
}).then(failAndFinishJSTest, function(result) {
    logError(result);

    debug("");
}).then(finishJSTest, failAndFinishJSTest);

</script>

</body>
</html>
